Abstract: This work aims to examine the vulnerabilities and threats in the applications of intelligent transport systems, especially collision avoidance protocols. It focuses on achieving the availability of network communication among traveling vehicles. Finally, it aims to find a secure solution to prevent blackhole attacks on vehicular network communications. The proposed solution relies on authenticating vehicles by joining a blockchain network. This technology provides identification information and receives cryptography keys. Moreover, the ad hoc on-demand distance vector (AODV) protocol is used for route discovery and ensuring reliable node communication. The system activates an adaptive mode for monitoring communications and continually adjusts trust scores based on packet delivery performance. From the experimental study, we can infer that the proposed protocol has successfully detected and prevented blackhole attacks for different numbers of simulated vehicles and at different traveling speeds. This reduces accident rates by 60% and increases the packet delivery ratio and the throughput of the connecting network by 40% and 20%, respectively. However, extra overheads in delay and memory are required to create and initialize the blockchain network.
Abstract: LEACH (Low-Energy Adaptive Clustering Hierarchy) protocol is a basic clustering-based routing protocol of sensor networks. In this paper, we present the design of SLEACH, a secure extension for the LEACH protocol. We divide SLEACH into four phases and fit inexpensive cryptographic operations to each part of the protocol functionality to create an efficient, practical protocol. Then we give security analyses of SLEACH. Our security analyses show that our scheme is robust against any external attacker or compromised nodes in the sensor network.
Abstract: This paper studies how to take advantage of other's computing ability to sign a message with one's private key without disclosing the private key. A protocol to this problem is presented, and it is proven, by well known simulation paradigm, that this protocol is private.
Funding: Supported by the National Natural Science Foundation of China under Grant No. (62202118.61962009), and in part by Natural Science Foundation of Shandong Province (ZR2021MF086), and in part by Top Technology Talent Project from Guizhou Education Department (Qian jiao ji [2022]073), and in part by Foundation of Guangxi Key Laboratory of Cryptography and Information Security (GCIS202118).
Abstract: With the development of cloud computing technology, more and more data owners upload their local data to the public cloud server for storage and calculation. While this can save customers’ operating costs, it also poses privacy and security challenges. Such challenges can be solved using secure multi-party computation (SMPC), but this still exposes more security issues. In cloud computing using SMPC, clients need to process their data and submit the processed data to the cloud server, which then performs the calculation and returns the results to each client. Each client and server must be honest. If there is cooperation or dishonest behavior between clients, some clients may profit from it or even disclose the private data of other clients. This paper proposes the SMPC based on a Partially-Homomorphic Encryption (PHE) scheme in which an addition homomorphic encryption algorithm with a lower computational cost is used to ensure data comparability and Zero-Knowledge Proof (ZKP) is used to limit the client’s malicious behavior. In addition, the introduction of Oblivious Transfer (OT) technology also ensures that the semi-honest cloud server knows nothing about private data, so that the cloud server of this scheme can calculate the correct data in the case of malicious participant models and safely return the calculation results to each client. Finally, the security analysis shows that the scheme not only ensures the privacy of participants, but also ensures the fairness of the comparison protocol data.
Abstract: Mavlink is a lightweight and most widely used open-source communication protocol used for Unmanned Aerial Vehicles. Multiple UAVs and autopilot systems support it, and it provides bi-directional communication between the UAV and Ground Control Station. The communications contain critical information about the UAV status and basic control commands sent from GCS to UAV and UAV to GCS. In order to increase the transfer speed and efficiency, the Mavlink does not encrypt the messages. As a result, the protocol is vulnerable to various security attacks such as Eavesdropping, GPS Spoofing, and DDoS. In this study, we tackle the problem and secure the Mavlink communication protocol. By leveraging the Mavlink packet’s vulnerabilities, this research work introduces an experiment in which, first, the Mavlink packets are compromised in terms of security requirements based on our threat model. The results show that the protocol is insecure and the attacks carried out are successful. To overcome Mavlink security, an additional security layer is added to encrypt and secure the protocol. An encryption technique is proposed that makes the communication between the UAV and GCS secure. The results show that the Mavlink packets are encrypted using our technique without affecting the performance and efficiency. The results are validated in terms of transfer speed, performance, and efficiency compared to the literature solutions such as MAVSec and benchmarked with the original Mavlink protocol. Our achieved results have significant improvement over the literature and Mavlink in terms of security.
Funding: This work was supported by the Mobile Police Project of China (No. J1GAB23W013), National High Technology Research and Development Program of China (863 Program, No. 2007AA01Z479).
Abstract: According to the security requirement of the short message service (SMS) industry application, a secure short message communication protocol is proposed. This is an application level protocol constructed on the standard SMS communication protocol using public key authentication and key agreement without the need of wireless public key infrastructure (WPKI). Secure short message transmission and dynamic key agreement between mobile terminals and the accessing gateway are realized. The security of the proposed protocol is validated through the BAN logic. Compared with the standard SMS protocol, the effective payload rate of our protocol can reach 91.4%, and subscriber identity module (SIM) tool kit (STK) applications based on our protocol suit well for all kinds of mobile terminals in practical application.
Abstract: Quantitative security metrics are desirable for measuring the performance of information security controls. Security metrics help to make functional and business decisions for improving the performance and cost of the security controls. However, defining enterprise-level security metrics has already been listed as one of the hard problems in the Info Sec Research Council's hard problems list. Almost all the efforts in defining absolute security metrics for the enterprise security have not been proved fruitful. At the same time, with the maturity of the security industry, there has been a continuous emphasis from the regulatory bodies on establishing measurable security metrics. This paper addresses this need and proposes a relative security metric model that derives three quantitative security metrics named Attack Resiliency Measure (ARM), Performance Improvement Factor (PIF), and Cost/Benefit Measure (CBM) for measuring the performance of the security controls. For the effectiveness evaluation of the proposed security metrics, we took the secure virtual machine (VM) migration protocol as the target of assessment. The virtualization technologies are rapidly changing the landscape of the computing world. Devising security metrics for virtualized environment is even more challenging. As secure virtual machine migration is an evolving area and no standard protocol is available specifically for secure VM migration. This paper took the secure virtual machine migration protocol as the target of assessment and applied the proposed relative security metric model for measuring the Attack Resiliency Measure, Performance Improvement Factor, and Cost/Benefit Measure of the secure VM migration protocol.
Abstract: Most of the public key algorithms used in the exchange of information for power data transmission protocols are RSA. The core of the key part of this kind of algorithm system has not been announced. For the domestic sensitive information data field, there are threats such as preset backdoors and security vulnerabilities. In response to the above problems, the article introduces a secure communication protocol based on the optimized Secret SM2 algorithm, which uses socket programming to achieve two-way encrypted communication between clients and services, and is able to complete the security protection of data encryption transmission, authentication, data tampering, etc., and proves through experiments that the security protocol is more secure than traditional methods, can effectively identify each other, carry out stable and controllable data encryption transmission, and has good applicability.
Funding: Project supported by the National Natural Science Foundation of China (Grant Nos. 61370145, 61173183, and 60973152); the Doctoral Program Foundation of Institution of Higher Education of China (Grant No. 20070141014); the Program for Excellent Talents in Universities of Liaoning Province, China (Grant No. LR2012003); the Natural Science Foundation of Liaoning Province, China (Grant No. 20082165); the Fundamental Research Funds for the Central Universities of China (Grant No. DUT12JB06).
Abstract: To guarantee the security of communication in the public channel, many key agreement protocols have been proposed. Recently, Gong et al. proposed a key agreement protocol based on chaotic maps with password sharing. In this paper, Gong et al.'s protocol is analyzed, and we find that this protocol exhibits key management issues and potential security problems. Furthermore, the paper presents a new key agreement protocol based on enhanced Chebyshev polynomials to overcome these problems. Through our analysis, our key agreement protocol not only provides mutual authentication and the ability to resist a variety of common attacks, but also solves the problems of key management and security issues existing in Gong et al.'s protocol.
Funding: Supported by the Young Scientists Program of CUEB (No. 2014XJQ016, 00791462722337); National Natural Science Foundation of China (No. 61302087); Young Scientific Research Starting Foundation of CUEB; Improve Scientific Research Foundation of Beijing Education.
Abstract: Efficiency and scalability are still the bottleneck for secure multi-party computation geometry (SMCG). In this work a secure planar convex hull (SPCH) protocol for large-scaled point sets in semi-honest model has been proposed efficiently to solve the above problems. Firstly, a novel privacy-preserving point-inclusion (PPPI) protocol is designed based on the classic homomorphic encryption and secure cross product protocol, and it is demonstrated that the complexity of PPPI protocol is independent of the vertex size of the input convex hull. And then on the basis of the novel PPPI protocol, an effective SPCH protocol is presented. Analysis shows that this SPCH protocol has a good performance for large-scaled point sets compared with previous solutions. Moreover, analysis finds that the complexity of our SPCH protocol relies on the size of the points on the outermost layer of the input point sets only.
Funding: Supported by the Foundation and Frontier Research Program of Chongqing Science and Technology Commission of China under Grant No cstc2016jcyjA0571.
Abstract: Based on the deterministic secure quantum communication, we present a novel quantum dialogue protocol without information leakage over the collective noise channel. The logical qubits and four-qubit decoherence-free states are introduced for resisting against collective-dephasing noise, collective-rotation noise and all kinds of unitary collective noise, respectively. Compared with the existing similar protocols, the analyses on security and information-theoretical efficiency show that the proposed protocol is more secure and efficient.
Funding: Supported by the National High Technology Research and Development Program of China ("863" Program) (2006AA706103).
Abstract: The key exchange is a fundamental building block in the cryptography. Several provable security models for the key exchange protocol are proposed. To determine the exact properties required by the protocols, a single unified security model is essential. The eCK', eCK and CK models are examined and the result is proved that the eCK' model is the strongest provable security model for the key exchange. The relative security strength among these models is analyzed. To support the implication or non-implication relations among these models, the formal proofs and the counter-examples are given.